<html><head><meta name="Generator" content="PSI HTML/CSS Generator"/>
<style type="text/css"><!--
body{font-family:'Arial';font-size:10pt;font-color:'#000000';}
LI{display:list-item;margin:0.00in;}
p{display:block;margin:0.00in;}
body{}
--></style>
</head><BODY BGCOLOR="#F8F8F8" ><div><SPAN style="font-family:'Arial';font-size:10pt;">I have squid 2.6.STABLE17 with tproxy compiled in, linux kernel (2.6.20.14) is properly patched with tproxy.</SPAN></div>
<div><SPAN style="font-family:'Arial';font-size:10pt;">Tproxy is working fine and it's spoofing the ip addressed correctly, but there's very strange new connection limit.</SPAN></div>
<div><SPAN style="font-family:'Arial';font-size:10pt;">When i run squid in transparent mode (without tproxy) i got 400-500 conn/sec with httperf and default parms, but with tproxy option i got about 9 conn/sec.</SPAN></div>
<div> </div>
<div><SPAN style="font-family:'Arial';font-size:10pt;">Here's the output:</SPAN></div>
<div><SPAN style="font-family:'Arial';font-size:10pt;">httperf --client=0/1 --server=192.168.1.1 --port=65432 --uri=/ --send-buffer=4096 --recv-buffer=16384 --num-conns=1 --num-calls=1</SPAN></div>
<div><SPAN style="font-family:'Arial';font-size:10pt;">Maximum connect burst length: 0</SPAN></div>
<div> </div>
<div><SPAN style="font-family:'Arial';font-size:10pt;">Total: connections 1 requests 1 replies 1 test-duration 0.110 s</SPAN></div>
<div> </div>
<div><SPAN style="font-family:'Arial';font-size:10pt;">Connection rate: 9.1 conn/s (110.2 ms/conn, <=1 concurrent connections)</SPAN></div>
<div><SPAN style="font-family:'Arial';font-size:10pt;">Connection time [ms]: min 110.2 avg 110.2 max 110.2 median 110.5 stddev 0.0</SPAN></div>
<div><SPAN style="font-family:'Arial';font-size:10pt;">Connection time [ms]: connect 1.8</SPAN></div>
<div><SPAN style="font-family:'Arial';font-size:10pt;">Connection length [replies/conn]: 1.000</SPAN></div>
<div> </div>
<div><SPAN style="font-family:'Arial';font-size:10pt;">Even on localhost when i get about 4000 conn/sec i got only 9 with tproxy option.</SPAN></div>
<div><SPAN style="font-family:'Arial';font-size:10pt;">Is there something that limits the number of new connections and delays SYN ?</SPAN></div>
</body></html>